OT Network Traffic Analyst – Anomaly Detection Specialist

Job Description:

Job Title: OT Network Traffic Analyst – Anomaly Detection Specialist

Job Summary:
We are seeking a skilled OT Network Traffic Analyst with deep expertise in Operational
Technology (OT) communication protocols to join our cross-functional security and ML team.
The ideal candidate will be responsible for intercepting and analyzing OT network traffic,
identifying potential anomalies, and contributing to the development of cutting-edge anomaly
detection solutions — even across proprietary and undocumented protocols.
This is a hands-on role requiring both technical proficiency in network traffic inspection and the
ability to collaborate with machine learning engineers and cybersecurity experts.

Key Responsibilities:
• Intercept, monitor, and analyze traffic from OT/ICS networks in real-time and from
historical captures.
• Perform protocol-level inspection across standard (e.g., Modbus, DNP3, OPC-UA, IEC
61850) and proprietary OT communication protocols.
• Reverse engineer undocumented or proprietary OT protocols where necessary.
• Identify and flag anomalous behavior or patterns in the traffic, correlating with known
attack vectors or operational deviations.
• Collaborate with ML engineers to define features and data inputs for anomaly detection
models.
• Contribute domain expertise in OT to refine, validate, and test detection algorithms.
• Assist in setting up testbeds and simulations to emulate OT environments and collect
relevant traffic data.
• Document findings and create actionable reports for both technical and non-technical
stakeholders.
• Stay current with advancements in OT threat intelligence and anomaly detection research.

Required Qualifications:
• Bachelor's or Master's degree in Computer Science, Electrical Engineering, Cybersecurity,
or a related field.
• 3+ years of experience working in OT/ICS environments.
• Deep understanding of OT communication protocols (e.g., Modbus, BACnet, PROFINET,
OPC, etc.), including ability to analyze raw packet captures.
• Experience with network traffic analysis tools (Wireshark, Zeek, tcpdump, etc.).
• Familiarity with network intrusion detection systems (NIDS) and traffic replay tools.

• Basic knowledge of machine learning concepts and how data features are derived from raw
data.
• Hands-on experience with packet inspection, protocol dissection, or protocol reverse
engineering.

Preferred Qualifications:
• Experience working with or developing anomaly detection models in cybersecurity.
• Knowledge of ICS/SCADA systems and the Purdue model.

• Exposure to proprietary or vendor-specific OT protocols (e.g., Siemens S7, GE, Allen-
Bradley, etc.).

• Familiarity with cybersecurity frameworks like NIST, MITRE ATT&CK for ICS.
• Scripting or automation skills (Python, Bash) for parsing and transforming traffic data.
• Prior experience in cross-functional teams including ML and cybersecurity experts.

Why Join Us?
• Work on cutting-edge anomaly detection in real-world OT environments.
• Collaborate with a high-caliber team of machine learning and cybersecurity professionals.
• Tackle novel challenges across legacy and proprietary OT protocols.
• Flexible work environment and opportunity to influence core security products.